CeciliaB 475 Report post Posted April 5, 2016 A forum member reports that Ad-Aware blocked OTC, OldTimer's Clean-It, during execution. Download link: http://oldtimer.geekstogo.com/OTC.exe Report: http://www.lavasoftsupport.com/index.php?/topic/34494-trouble-with-malware/#entry150349 The file isn't detected by Ad-Aware on Virustotal: https://virustotal.com/en/file/29e515e04aef49b26a3b7066775798882b69dc0a3d719ee2808d2e91b3aa4936/analysis/1459851519/ Quote Share this post Link to post Share on other sites
LS.Andy 79 Report post Posted April 5, 2016 Thanks CeciliaB, I'll check it out and get back to you. Andy Quote Share this post Link to post Share on other sites
LS.Andy 79 Report post Posted April 5, 2016 Hi CeciliaB, The process was blocked by the AVC component - it has been reanalysed and will no longer be detected as of an upcoming update to be released today. Andy Quote Share this post Link to post Share on other sites
CeciliaB 475 Report post Posted April 5, 2016 Thank you, Andy Quote Share this post Link to post Share on other sites
CeciliaB 475 Report post Posted April 6, 2016 Hi again, Andy! Please, check if Ad-Aware dislikes DelFix too. Link: http://www.bleepingcomputer.com/download/delfix/ Report: http://www.lavasoftsupport.com/index.php?/topic/34494-trouble-with-malware/#entry150358 Quote Share this post Link to post Share on other sites
LS.Andy 79 Report post Posted April 6, 2016 Will do. Leave it with me - I'll get back to you as soon as I have more info. Andy Quote Share this post Link to post Share on other sites
LS.Andy 79 Report post Posted April 6, 2016 I downloaded the file and ran DelFix, but Ad-Aware didn't react. From the thread it's not 100% clear that Ad-Aware reacted on DelFix. Could they check the quarantined files to see if the DelFix file is mentioned? Scan Computer -> View Quarantined files Real Time Protection -> Detection history section -> View Details Alternatively, they can upload the detection log files and I can check it myself: C:\ProgramData\Lavasoft\Ad-Aware 11\History\RealTimeProtectionHistory.db C:\ProgramData\Lavasoft\Ad-Aware 11\History\Scanner.db Thanks, Andy Quote Share this post Link to post Share on other sites
CeciliaB 475 Report post Posted April 7, 2016 Detection History shows: Infected process detected Process of C:\Users\User\Desktop\delfix_1.010.exe was detected by Active Virus Control as infected. Kill process action was applied. http://www.lavasoftsupport.com/index.php?/topic/34494-trouble-with-malware/#entry150370 Note the settings in DelFix: http://www.lavasoftsupport.com/index.php?/topic/34494-trouble-with-malware/#entry150352 and maybe important to have an old restore point. Quote Share this post Link to post Share on other sites
LS.Andy 79 Report post Posted April 19, 2016 Hi Cecilia, Sorry for the long delay. The detection was recreated and was found to be n false positive. The file will no longer be detected as of an update to be released to day. Andy Quote Share this post Link to post Share on other sites
CeciliaB 475 Report post Posted April 19, 2016 Thanks, Andy Quote Share this post Link to post Share on other sites
